CSE 338/ CSE225

Testing, Verification
and Validation
Dr. Islam El-Maddah
Ain Shams University
Faculty of Engineering

10-Jul-25 1
Contents
Week Topic
1 Introduction to testing, Validation and Verification
2 Testing across the SDLC
3 White-box vs black box testing
4 Unit testing
5 Integration testing
6 Regression testing
7 Boundary value testing
8 Test space Partitioning
9 Test-case, test-suite, CFG
10 Statement. Branch testing coverage
11 Path testing coverage
12 Non-functional testing
13 Testing based on use-case and state transitions
14 Testing based on state space
10-Jul-25 2
15 J-unit testing
 Hierarchy of Testing
Testing

Ad Hoc Program Testing System Testing Acceptance

Testing
Unit Testing Integration Testing Function
Benchmark
Black Box Properties
Top Down
Performance Pilot
Equivalence
Bottom Up
Boundary Reliability Alpha
Big Bang
Decision Table Availability
Beta
State Transition Sandwich Security

Use Case Usability

Domain Analysis Documentation

White Box Portability

Control Flow 3
Data Flow Capacity
Course details
• Instructor: Dr. Islam El-Maddah,
islam_elmaddah@[Link]
• [Link]@[Link]
• Office hours: Saturday 12:30 am to 2:30 pm,
Int Bank Labs.
• Book: Software Testing Foundations Andreas
Spillner, Tilo Linz, Hans Schaefer
• Lectures : Tuesday 11:00 to 2:0 pm 931A
• Marks: 1 midterm (20), 1 project(20), Lab Assignments
(15), 2 quizzes(5), final (40)
• Coding: C, C++, Java, Junit
10-Jul-25 4
Software Development Lifecycle SDLC

10-Jul-25 5
Errors, Fault, Failure

10-Jul-25 6
Error, Fault, Failure

cin >>x>>y;
Z=x/y;

• Correcting bugs can If user enters y=0?

reveal other bugs !! The fault is revealed
and a runtime error
will happen this can
crash a system
(failure)
10-Jul-25 7
Terms

• Validation
• Ensuring that the specification is correct
• Determine that the software to be built is actually
what the user wants!
• Verification
• Ensuring that the software runs correctly

10-Jul-25 8
Testing

• Software testing
• is an investigation conducted to provide
stakeholders with information about the
quality of the product or service under test

10-Jul-25 9
Validation or Verification?

Validation
Building the right software
Make sure it’s what the user wants

Verification
Building the software right
Make sure it works

Accurate, complete specification

essential!

10-Jul-25 10
Specifications

• Functional
• Define actions and operations of system
• Each transaction shall be stored in a database
• Can be verified by software tests
• Apply an input data set
• Compare output state to expected state
• Expected state is defined in specifications

10-Jul-25 11
Specifications

• Functional
• Define actions and operations of system
• Can be verified by software tests
• Non-functional
• Performance
• Searches will take <2 seconds
• Messages will be compressed by 60%
• Usability
• A trained monkey shall be able to run this software
• Require special tests

10-Jul-25 12
Specifications

• Functional
• Define actions and operations of system
• Can be verified by software tests
• Non-functional
• Performance
• Searches will take <2 seconds
• Messages will be compressed by 60%
• Usability
• A trained monkey shall be able to run this software
• Require special tests

10-Jul-25 13
Testing Purposes

• Find/Detect Failures

• Measure Quality

• Provide Confidence

• Prevent Failures

10-Jul-25 14
 Testing Principles
Principle 1: shows the presence of
defects not their absence
Principle 2: exhaustive testing is
impossible
Principle 3: testing activities
should start as early as possible
Principle 4: defect clustering
Principle 5: pesticide paradox
Principle 6: is context dependent
Principle 7: no failure means the
system is useful is fallacy

10-Jul-25 15
Example find the GCD of two integer
numbers

Specification
• X % gcd = 0
• Y % gcd =0
• if a is gcd(x,y) and b is gcd(x,y) → a=b
• if a is gcd(x,y) and b is cd(x,y) → a>=b

10-Jul-25 16
Example find GCD of two integer
numbers

Design
• Go through numbers between min(x,y) and 1
• If a given number is CD then break and return
this number

10-Jul-25 17
Example find GCD of two integer
numbers

Code
for(int i=min(x,y); i>=1;i--)
if (x%i==0 && y%i==0) return i;

10-Jul-25 18
 Example find GCD of two integer
numbers

Testing
• Test case (x=4, y=6, expected output=2)
• Test case (x=64, y= 8, expected output=8)
• Test case (x=49, y= 64, expected output=1)

• Test case (x=9.1, y= 64, expected output=undefined)

10-Jul-25 19
Testing

• Aim
• Locate and repair defects
• Axiom

Testing only reveals the presence of defects,

it never proves their absence!!
• No matter how much testing you do, you can’t be
sure that there isn’t an error waiting to bite you!

10-Jul-25 20
Testing
The alternative?
• Formal verification
• Uses formal logic to prove that software is correct
• Currently:
• Prohibitively expensive
• Little automated support
• Mainly manual techniques
• Error prone
• Only feasible when cost of failure is extreme
• Usually when failure leads to loss of life
• Air and space craft control
• Medical systems
• Nuclear plants
10-Jul-25 21
Testing - Motivation
Definitely the least beautiful part of software
development 
• Possibly the most expensive!
• If not carried out thoroughly!
• Estimates of the economic cost of software failure
produce astronomic numbers

10-Jul-25 22
Famous software failures

• July 28, 1962 Mariner I

space probe
• A bug in the flight software for the
Mariner 1 causes the rocket to divert
from its intended path on launch.
Mission control destroys the rocket over
the Atlantic Ocean. The investigation
into the accident discovers that a
formula written on paper in pencil was
improperly transcribed into computer
code, causing the computer to
miscalculate the rocket's trajectory.

10-Jul-25 23
Famous software failures

• 1982 -- Soviet gas pipeline.

Operatives working for the Central Intelligence
Agency allegedly plant a bug in a Canadian
computer system purchased to control the trans-
Siberian gas pipeline. The Soviets had obtained
the system as part of a wide-ranging effort to
covertly purchase or steal sensitive U.S.
technology. The CIA reportedly found out about
the program and decided to make it backfire with
equipment that would pass Soviet inspection and
then fail once in operation. The resulting event is
reportedly the largest non-nuclear explosion in
the planet's history.
10-Jul-25 24
 Famous software failures
• 1985-1987 -- Therac-25 medical accelerator
• Based upon a previous design, the Therac-25 was an
"improved" therapy system that could deliver two different
kinds of radiation: either a low-power electron beam or X-
rays. The Therac-25's X-rays were generated by smashing
high-power electrons into a metal target positioned between
the electron gun and the patient. A second "improvement" was
the replacement of the older Therac-20's electromechanical
safety interlocks with software control, a decision made
because software was perceived to be more reliable.
• What engineers didn't know was that both the 20 and the 25
were built upon an operating system that had been kludged
together by a programmer with no formal training. Because of
a subtle bug called a "race condition," a quick-fingered typist
could accidentally configure the Therac-25 so the electron
beam would fire in high-power mode but with the metal X-
ray target out of position. At least five patients die; others are
seriously injured.
10-Jul-25 25